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REMARKS 

Applicants have studied the Office Action dated March 10, 2008, and have made 
amendments to the claims. It is submitted that the application, as amended, is in condition for 
allowance. Claims 1-20 are pending. Claims 1, 2, 7, 9, 10, 14-16, and 20 have been amended. 
Reconsideration and allowance of the claims in view of the above amendments and the following 
remarks are respectfully requested. 

The disclosure was objected to because of an "informality". The specification has been 
amended as suggested by the Examiner. No new matter has been added. It is submitted that the 
specification fiilfiUs all the requirements of 35 U.S.C. § 112. Therefore, it is respectfully submitted 
that the objection to the disclosure should be withdrawn. 

Claims 1, 3-6, 9, 11-13, 15, and 17-19 were rejected under 35 U.S.C. § 102(b) as being 
anticipated by Worth (U.S. Patent No. 5,881,225). Claims 2, 7, 10, 14, 16, and 20 were rejected 
under 35 U.S.C. § 103(a) as being unpatentable over Worth in view of Numano (U.S. Patent No. 
7,194,631). Claim 8 was rejected under 35 U.S.C. § 103(a) as being unpatentable over Worth in 
view of He et al. (U.S. Patent No. 6,088,451). These rejections are respectfully traversed. 

The present invention is directed to an efficient and easy-to-implement method for 
authenticating one user or class of users and then authorizing access as a different user or class of 
users. A user can select another user and/or class of users to switch to at login time, such that the 
identity switching operation can be performed in one step. Identity switching can also be performed 
within a system after login has occurred. An audit trail is created for a user for any actions taken 
regardless of the user's present system identity. 

One embodiment of the present invention provides a method for switching identity of a user 
that has a first usemame associated with a first class of users. According to the method, login 
information is received fi-om the user, with the login information including the first usemame, an 
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altemate class, and a password. The first usemame and the ahemate class are received as part of a 
user identification input of the login information entered by the user. The user is authenticated based 
on the first usemame and the password, and access to the computer system is provided as the 
alternate class, with the alternate class being different than the first class. 

Another embodiment of the present invention provides a system for switching identity of a 
user that has a first usemame associated with a first class of users. The system includes an interface 
receiving login information from the user, and a processor. The login information includes the first 
usemame, an alternate class, and a password. The first usemame and the altemate class are received 
as part of a user identification input of the login information entered by the user. The processor 
authenticates the user based on the first usemame and the password, and provides access to the 
computer system as the altemate class. 

The Worth reference is directed toward security fiinctions for controlling functional access to 
a computer system. However, Worth does not disclose a method for switching identity of a user in 
which login information including a first usemame, an altemate class, and a password is received 
from the user, the user is authenticated based on the first usemame and the password, and access is 
provided to the computer system as the altemate class, with the altemate class being different than 
the first class, and the first usemame and the altemate class being received as part of a user 
identification input of the login information entered by the user, as is recited in amended claim 1 . 
Amended claims 9 and 15 contain similar recitations. 

The Worth reference is directed toward security functions for controlling functional access to 
a computer system. In the system of Worth, users are authorized access to a computer system by 
providing a proper user name, a password, and a desired role from among those authorized for that 
user. Upon being authorized with initial access to the computer system, or simultaneously therewith, 
a subprogram collects information relating to the user such as which role that user is assuming during 
that login session, and to which group or groups the user belongs. That information is then passed to 
a security monitor program. When a process or application program is requested by a user to be 
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executed, or when a user requests access to sensitive data, the security monitor is queried and 
responds with information indicative of whether access should be granted, based on the authorization 
information passed to it soon after the user logged into the system. 

Thus, Worth explicitly teaches that a user first enters login information that includes a unique 
ID assigned to the user and a password. Once this login information is entered by the user, the 
system compares the login information to authorization information that was previously stored 
within the system. If the login information matches the previously stored information, the user is 
then given the opportunity to enter a role that the user desires to assume for the current login session. 

In contrast, in embodiments of the present invention, the first usemame and the alternate 
class are received as part of a user identification input of the login information entered by the user. 
Amended claim 1 recites "receiving login information from the user, the login information including 
the first usemame, an alternate class, and a password , the first usemame and the altemate class being 
received as part of a user identification input of the login information entered by the user ". Amended 
claims 9 and 1 5 contain similar recitations. Thus, in embodiments of the present invention, the first 
usemame and alternate class are entered together as part of the user ID input of the login 
information. In the system of Worth, a user ID is entered as part of the user ID login information and 
it is not until after the user enters the user ID (alone) and the password that the user can select from a 
given set of roles. 

The following image shows differences between the present invention and the system of 

Worth. 
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UserlD: 



Password: 



jdoe:admin 
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Present Invention 



User ID: 
Password: 



jdoe 




System of Worth 



As can be seen in these figures, in Worth the user is required to first enter a user ID and a 
password. Only after the system of Worth is able to authenticate the user is the user then given the 
ability to enter a role. However, in the present invention, the user enters both the usemame and role 
information at the same time as part of the user identification login information. Accordingly, the 
present invention distinguishes over Worth. 

Applicants believe that the differences between Worth and the present invention are clear in 
amended claims 1, 9, and 15, which set forth various embodiments of the present invention. 
Therefore, claims 1 , 9, and 1 5 distinguish over the Worth reference, and the rejection of these claims 
under 35 U.S.C. § 102(b) should be withdrawn. 
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As discussed above, amended claims 1, 9, and 15 distinguish over the Worth reference. 

Furthermore, all of the claimed features of the present invention are not realized even if the teachings 

of Numano or He are incorporated into Worth. Neither Numano nor He teaches or suggests the 

claimed features of the present invention that are absent from Worth. Thus, claims 1, 9, and 15 

distinguish over Worth, Numano, and He, and thus, claims 2-8, 10-14, and 16-20 (which depend 

from claims 1, 9, and 15, respectively) also distinguish over Worth, Numano, and He. 

Furthermore, it is submitted that limitations in the dependent claims are absent from Worth, 

Numano, and He. For example, with respect to claims 2, 10, and 16, the Examiner correctly 

recognizes that Worth does not teach that "the login information further includes a second usemame, 

and in the providing step, access to the computer system is provided (by the processor) with the 

rights and privileges of the second usemame". However, the Examiner takes the position that 

Numano teaches this feature of the present invention, stating: 

Numano discloses an invention which allows for user switching (col 1 , lines 
60-63), wherein a first user having a first usemame and password (col 4, lines 
36-40) switches to a second user by providing login information including a 
second user name and password (col 6, lines 1-12). Once, the second 
usemame and password has been authenticated, access to the computer 
system is provided by a processor with the rights and privileges of the second 
usemame (col 5, lines 57-67; col 7, lines 11-17; and col 8, lines 40-47). Note 
that in the user switching example which spans columns 6-7 of Numano, a 
switch from a user having a role/class of "administrator" to one having a 
role/class of "user" is performed. After the switch, access to the computer 
system is given with the rights and privileges of the "user" class. Note that the 
user switching performed by Numano also results in a role switch. 

However, Numano only teaches a switching function that can be used when a first user is 
currently logged in to allow a second user to log in. Nowhere does Numano teach or suggest that a 
user can enter a first user name, a second user name, and an altemate class together as a single input. 
The entire focus of Numano is to give a second user a login screen when a first user was already 
logged in. A single user is not entering a first usemame and a second usemame into the User ID 
Field. Amended claim 2 recites: 
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wherein the login information further includes a second usemame 
entered by the user as part of the user identification input in addition to the 
first usemame and the ahemate class , and 

in the providing step, access to the computer system is provided with 
the rights and privileges of the second usemame. 



Amended claims 10 and 16 contain similar recitations. This claimed feature allows a user to enter 
his usemame, the usemame of another user, and an altemate class all together, as shown in the 
following figure. 



User ID: 



Password: 



j doe:brianc: admin 



Nowhere does Numano teach this claimed feature. Numano only teaches that a first user is 
logged in, then a switching function is used to allow a second user to log in while the first user is still 
logged in. Numano does not teach or suggest "the login information further includes a second 
usemame entered by the user as part of the user identification input in addition to the first usemame 
and the altemate class". 



Further, with respect to claims 7, 14, and 20, the Examiner correctly recognizes that "Worth 
does not explicitly disclose wherein in the receiving interface/step, the first usemame and altemate 
class are entered into a singled data field so that identity switching is accomplished in one user step." 
However, the Examiner takes the position that Numano teaches this feature of the present invention, 
stating: 

Numano discloses a receiving interface (Fig 2, item 5 1 1 ; Fig 3, item 511; and Fig 4, 
item 511) which allows all the login information (i.e. user name and password) to be 
entered into a single data field (i.e. login GUI 511) so that identity switching is 
accomplished in one user step. One skilled in the art having common sense and 
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creativity would have found it obvious to apply Numano's teachings to other types of 
login information other than just usemames and passwords. 

A "data field", as recited in the claims, is an input field such as the "User ID" field shown in 
the above figures. Allowing a user to enter a user id in one data field and a password in another data 
field, as taught by Numano, is not the same as the feature that "the first usemame and alternate class 
are entered into a single data field so that identity switching is accomplished in only one user step.". 
Amended claim 7 recites "in the receiving step, the first usemame and alternate class are entered into 
a single data field as a single character string so that identity switching is accomplished in only one 
user step." Amended claims 14 and 20 contain similar recitations. Nowhere does Numano or Worth 
teach or suggest entering the first usemame and altemate class into a single data field as a single 
character string. 

Therefore, it is respectfiilly submitted that the rejections of claims 1-20 under 35 U.S.C. § 
102(b) and 35 U.S.C. § 103(a) should be withdrawn. 

No amendment made was related to tiie statutory requirements of patentability unless 
expressly stated herein. No amendment made was for the purpose of narrowing the scope of any 
claim, unless Applicants have argued herein that such amendment was made to distinguish over a 
particular reference or combination of references. 

In view of the foregoing, it is respectfiilly submitted that the application and the claims are in 
condition for allowance. Reexamination and reconsideration of the application, as amended, are 
requested. 

If for any reason the Examiner finds the application other than in condition for allowance, the 
Examiner is invited to call the undersigned attomey at (561) 989-98 1 1 should the Examiner believe a 
telephone interview would advance the prosecution of the application. 
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Respectfiilly submitted, 



Date: July 10, 2008 By: /Stephen Bongini/ 

Stephen Bongini 
Reg. No. 40,917 
Attorney for Applicants 



FLEIT GIBBONS GUTMAN 
BONGINI & BIANCO P.L. 
One Boca Commerce Center 
551 N.W. 77th Street, Suite 1 1 1 
Boca Raton, Florida 33487 
Telephone: (561)989-9811 
Facsimile: (561)989-9812 



